# read x509 subject
my $bio = Net::SSLeay::BIO_new_file($filename, 'r');
+ die "Could not open $filename using OpenSSL\n"
+ if !$bio;
+
my $x509 = Net::SSLeay::PEM_read_bio_X509($bio);
Net::SSLeay::BIO_free($bio);
+
+ die "Could not parse X509 certificate in $filename\n"
+ if !$x509;
+
my $nameobj = Net::SSLeay::X509_get_subject_name($x509);
my $subject = Net::SSLeay::X509_NAME_oneline($nameobj);
Net::SSLeay::X509_free($x509);
die "yubico: wrong OTP lenght\n" if (length($otp) < 32) || (length($otp) > 48);
- # we always use http, because https cert verification always make problem, and
- # some proxies does not work with https.
$url = 'http://api2.yubico.com/wsapi/2.0/verify' if !defined($url);
my $req = HTTP::Request->new('GET' => "$url?$paramstr");
- my $ua = LWP::UserAgent->new(protocols_allowed => ['http'], timeout => 30);
+ my $ua = LWP::UserAgent->new(protocols_allowed => ['http', 'https'], timeout => 30);
if ($proxy) {
- $ua->proxy(['http'], $proxy);
+ $ua->proxy(['http', 'https'], $proxy);
} else {
$ua->env_proxy;
}